This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy. We won't track your information when you visit our site. But in order to comply with your preferences, we'll have to use just one tiny cookie so that you're not asked to make this choice again.

Leaked iOS source code may be biggest leak in history

The 'biggest leak in history': Secret Apple source code is posted online prompting fears it could lead to major breach in iPhone security

 
  • Source code for Apple's iBoot software was leaked on GitHub on Thursday 
  • iBoot is a key component of iOS that ensures each device turns on securely
  • Security experts say the leaked source code might be used to jailbreak iPhones
  • Apple now says that the iBoot code poses fewer security risks because it's tied to outdated iOS 9 software that wouldn't affect users running newer iOS versions
  • Code was taken down after Apple demanded GitHub remove it from the site 

A skilled anonymous hacker leaked the source code for Apple's ultra-secret iBoot software on Wednesday, raising fears that almost any iPhone might be vulnerable to hackers. 

The Source code for iBoot, which is the first app that runs when you turn on an iOS device, was posted by an anonymous user 'Zioshiba' on GitHub. 

For example, iBoot runs when the iPhone transitions from a black screen to a white screen and then the iOS home screen. 

The event captured the attention of several security experts, including one who told Motherboard that it was the 'biggest leak in [Apple's] history.' 

Ananonymous hacker posted  source code for Apple's iBoot software, which is the first app that runs when you an iPhone turns on. Apple managed to keep it completely secret until now. Stock image 

An anonymous hacker posted source code for Apple's iBoot software, which is the first app that runs when you an iPhone turns on. Apple managed to keep it completely secret until now. Stock image 

COULD YOUR IPHONE BE AFFECTED BY THE IBOOT LEAK?

An anonymous GitHub user posted Apple's ultra-secret iBoot source code on the internet on Wednesday. 

One security researcher called it the 'biggest leak in [Apple's] history.'

However, Apple has since downplayed the leak, saying that the source code was for iBoot running on iOS 9. 

Only 7% of users are still running devices with software older than iOS 10, which was released in 2016.

If you're using software that's older than iOS 9, which was released in 2015, you should update your device.

Security researchers are still cautioning that the outdated code could give hackers an inside look into how Apple's secret boot software works. 

Pictured,a screen shot of the iBoot soure code that was leaked by GitHub user 'Zioshiba.' The code was for iOS 9, however, which means that fewer iOS devices will be affected by the leak 

'It's a huge deal,' Jonathan Levin, who writes books about iOS system programming, said in an interview with Motherboard. 

Levin was also able to confirm that the source code is authentic. 

With iBoot out in the open, it could make it easier for hackers to spot vulnerabilities in the software. 

It could also open up opportunities for savvy consumers to 'jailbreak' their iPhones, or free their device from constraints imposed by Apple. 

When an iPhone has been jailbroken, users can run software that's not typically allowed or delete applications that come pre-loaded on the device, also known as 'bloatware.' 

Apple recently began using Secure Enclave processors that ensure greater security and made jailbreaking almost obsolete.     

Fortunately, many of the risks associated with the leak have been mitigated. 

Apple has since responded and said that the leak concerns source code from iOS 9, which was released in 2015. 

'Old source code from three years ago appears to have been leaked,' Apple told CNET. 
'But by design the security of our products doesn't depend on the secrecy of our source code.'

'There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections,' the firm added.   

Pictured, a screen shot of the iBoot soure code that was leaked by GitHub user 'Zioshiba.' The code was for iOS 9, however, which means  that fewer iOS devices will be affected by the leak 

Applefiled a copyright takedown request demanding that the source code be removed from GitHub's website, but the code has since appeared on other websites 

Apple filed a copyright takedown request demanding that the source code be removed from GitHub's website, but the code has since appeared on other websites 

Video playing bottom right...

Only 7% of iOS devices are using a version older than iOS 10, which was released in 2016, according to Apple's website.  

If you're part of that 7%, security experts strongly advise that you update to a newer version of Apple's iOS software. 

Although Apple says the leak isn't much to worry about, it still took steps to take the iBoot code off of the internet. 

The firm filed a copyright takedown request on Thursday that demanded it be removed. 

'The "iBoot" source code is proprietary and it includes Apple's copyright notice,' the request reads. 'It is not open-source.'

Only7% of iPhone owners are still running software that's older than iOS 10, according to Apple. This means that a relatively small group of iPhone users would be affected by the leak 

Only 7% of iPhone owners are still running software that's older than iOS 10, according to Apple. This means that a relatively small group of iPhone users would be affected by the leak 

The code has since popped up on other sites, which could give hackers a peak into the inner workings of Apple's iBoot software.

However, security experts say it doesn't generate much risk for the average iPhone user. 

'In terms of end users, this doesn't really mean anything positive or negative,' security researcher Will Strafach told TechCrunch. 

Strafach echoed Apple's sentiment that the security of iOS devices doesn't depend on obscurity. 

'This does not contain anything risky, just an easier to read format for the boot loader code'  

'There is no way to really use any of the contents here maliciously or otherwise,' he added.  

Click the Below Image to Read Next Article : 

Source: vdailymail

Share This Post

related posts

On Top